|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:acceptsPaymentMethod
|
gptkb:Bitcoin
gptkb:cryptocurrency
|
|
gptkbp:alsoKnownAs
|
gptkb:Conti
|
|
gptkbp:associatedWith
|
gptkb:Wizard_Spider
|
|
gptkbp:connectsTo
|
gptkb:Costa_Rica_cyberattack_2022
gptkb:Ireland_Health_Service_Executive_attack_2021
|
|
gptkbp:disbanded
|
May 2022
|
|
gptkbp:firstAppearance
|
December 2019
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Conti ransomware group
|
|
gptkbp:knownFor
|
aggressive negotiation tactics
public shaming of victims
|
|
gptkbp:language
|
gptkb:Russian
|
|
gptkbp:leakOccurred
|
February 2022
|
|
gptkbp:leakRevealed
|
gptkb:law
financial transactions
internal chat logs
|
|
gptkbp:leakSource
|
gptkb:ContiLeaks
|
|
gptkbp:listedOn
|
gptkb:CISA
gptkb:US_Department_of_State
gptkb:Europol
gptkb:FBI
|
|
gptkbp:membersMovedTo
|
other ransomware groups
|
|
gptkbp:notableFor
|
data leaks
double extortion attacks
high ransom demands
|
|
gptkbp:operates
|
ransomware-as-a-service
|
|
gptkbp:origin
|
gptkb:Russia
|
|
gptkbp:primaryMotivation
|
financial gain
|
|
gptkbp:ransomDemanded
|
$10 million (Costa Rica)
$20 million (Ireland HSE)
|
|
gptkbp:rewardAmount
|
$10 million
|
|
gptkbp:rewardOfferedBy
|
gptkb:US_Department_of_State
|
|
gptkbp:supportedBy
|
gptkb:Russian_invasion_of_Ukraine
|
|
gptkbp:tactics
|
phishing
data exfiltration
lateral movement
exploiting vulnerabilities
encryption of files
remote desktop protocol brute force
threatening to leak data
|
|
gptkbp:target
|
gptkb:government_agency
healthcare organizations
critical infrastructure
corporate networks
|
|
gptkbp:usesMalware
|
gptkb:Ryuk
gptkb:Cobalt_Strike
gptkb:Conti_ransomware
gptkb:TrickBot
|
|
gptkbp:website
|
gptkb:Conti_News_leak_site
|
|
gptkbp:bfsParent
|
gptkb:Trickbot
gptkb:Conti_News
|
|
gptkbp:bfsLayer
|
6
|